WHERE NEXT FOR
ENCRYPTION
REGULATION?
PROF. IAN BROWN
OXFORD INTERNET INSTITUTE
@IANBROWNOII
TECHNOLOGY DEVELOPMENTS
End-to-end encryption (WhatsApp, Signal, OTR, Yahoo/Google
mail), peer-to-peer (Tor) systems
Storage encryption using client-held keys is relatively
straightforward – on devices (Android, iOS) and Cloud (e.g.
SpiderOak)
Homomorphic encryption in the cloud?
Verifiable?
SECURITY FRAMING
FBI Director James Comey: “It makes more sense to
address any security risks by developing intercept
solutions during the design phase, rather than
resorting to a patchwork solution when law
enforcement comes knocking after the fact. And with
sophisticated encryption, there might be no solution,
leaving the government at a dead end — all in the name
of privacy and network security.” (2014)
UK Prime Minister David Cameron: “In our country, do
we want to allow a means of communication between
people which, even in extremis, with a signed warrant
from the home secretary personally, that we cannot
read?” (2015)
NATIONAL POLICIES
US: successful industry and civil society advocacy, European
country reaction (France), availability of foreign and open
source unrestricted software, and 1st amendment cases resulted
in relaxation of export controls Sept 1999.
India: RIM agreed early 2012 to set up Mumbai server allowing
lawful access to BlackBerry individual accounts. Enterprise
System accounts not “high concern”.
China: indigenous innovation policies; various govt attempts to
mandate Chinese non-public encryption algorithms and
protocols, esp. in (broadly-defined) CNI. Most have faded, but
ZUC algorithms accepted by ETSI as optional for 4G – mandated
in China?
Russia: GOST block cipher (other ciphers restricted import),
TPM import restrictions
P Swire and K Ahmad, Encryption and Globalisation, Columbia Science
and Technology Law Review, Spring 2012, Vol. 13, pp. 416–481
COUNCIL OF EUROPE
PARLIAMENTARY ASSEMBLY
“17…Assembly strongly endorses…the
European Parliament’s call to promote the wide
use of encryption and resist any attempts to
weaken encryption and other Internet safety
standards, not only in the interest of privacy, but
also in the interest of threats against national
security posed by rogue States.”
“19.5 [urges States to] promote the further
development of user-friendly (automatic) data
protection techniques capable of countering
mass surveillance and any other threats to
Internet security”
UN SPECIAL
RAPPORTEUR REPORT
“Encryption and anonymity, separately or together, create a
zone of privacy to protect opinion and belief. For instance, they
enable private communications and can shield an opinion from
outside scrutiny, particularly important in hostile political,
social, religious and legal environments. Where States impose
unlawful censorship through filtering and other technologies,
the use of encryption and anonymity may empower individuals
to circumvent barriers and access information and ideas without
the intrusion of authorities. Journalists, researchers, lawyers
and civil society rely on encryption and anonymity to shield
themselves (and their sources, clients and partners) from
surveillance and harassment. The ability to search the web,
develop ideas and communicate securely may be the only way
in which many can explore basic aspects of identity, such as
one’s gender, religion, ethnicity, national origin or sexuality.”
ISSUES
What are the similarities/differences in political economy
from the late 1990s (which resulted in crypto liberalisation in
the OECD member states) and today?
1. Interests of actors – industry (OTT providers, access and
core networks, OS and application vendors, smartphone
manufacturers, mobile operators), civil society (rights
advocates, safety/security campaigners…), states, INGOs
2. Which forums are key for decision-making?
Governance of rights, regulatory oversight and
accountability, and technical infrastructures.
Multi-stakeholder processes, multi-actor governance, and the
roles of civil society, advocates and technical developers.

Editor's note

  1. https://www.eff.org/secure-messaging-scorecard